Jeff Spivey, of Security Risk Management Inc., Elected Vice President of ISACA

Taken from BlogRolling Meadows, IL, USA (27 June 2011)—Jeff Spivey, CRISC, CPP, PSP, director of Security Risk Management Inc. (SRM) in Charlotte, North Carolina, USA, was elected international vice president of ISACA—a global association serving 95,000 IT governance, assurance and security professionals in 160 countries—at its World Congress:  INSIGHTS 2011 conference in Washington DC, USA, today. 

“Jeff’s expertise will be a strong asset to the ISACA board,” said Ken Vander Wal, CISA, CPA, partner (retired) at Ernst & Young, who was elected international president of ISACA today. “His security and risk management experience will be of great value to the association and its members.”

Founded in 1969, ISACA develops international standards for information systems auditing and control, provides education and training, and administers the Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), and Certified in Risk and Information Systems Control (CRISC) designations. Additionally, ISACA developed and continually updates COBIT, the internationally accepted framework for governance of enterprise IT.


“It is humbling to be a part of ISACA’s global contribution to the IT systems and audit professionals,” said Spivey. “I am most proud of being involved with our constituents as we further build a stronger, collaborative community, advocating leadership to ensure trust in, and value from, information systems.”

Spivey is also a vice president with RiskIQ, identifying online threats to business using real-time intelligent risk assessments. He entered the private security industry in 1983 at the NCNB (predecessor to the Bank of America), where he rose to senior security management positions. In 1989, seeing the growing demand for security consulting services in the private sector, Spivey established SRM. SRM has served corporate and government clients in diverse industries throughout the world. These engagements have addressed special risk exposures in information, personnel, physical, financial and operational security.


Spivey is a member of the US State Department’s Overseas Security Advisory Council (OSAC) and serves on the Advisory Board for the National Center for Judicial Security of the US Department of Justice. He is a past president and chairman of the board for ASIS International and is one of the founders of the Alliance for Enterprise Security Risk Management (AESRM), a collaboration of ASIS International and ISACA.


Spivey serves on ISACA’s External Relations Committee and the Knowledge Management Task Force. He was a trustee of the IT Governance Institute, ISACA’s research arm, from 2009 to 2011.


In addition to Spivey, six other IT professionals were elected to ISACA leadership positions. Ken Vander Wal, CISA, CPA, partner (retired) at Ernst & Young, was elected international president (USA). Elected as international vice presidents were Christos Dimitriadis, CISA, CISM, head of information security at INTRALOT S.A. (Greece); Greg Grocholski, CISA, corporate auditor at The Dow Chemical Company (USA); Tony Hayes, CGEIT, AFCHSE, CHE, FACS, FCPA, FIIA, associate director-general of the Department of Communities in the Queensland Government (Australia); Niraj Kapasi, CISA, FCA, IT auditor and director for Kapasi Bangad Tech Consulting Pvt. Ltd. (India); and Jo Stewart-Rattray, CISA, CISM, CGEIT, CSEPS, director of information security at RSM Bird Cameron (Australia).


Two directors were appointed to ISACA’s board:  Allan Boardman, CISA, CISM, CGEIT, CRISC, CA (SA), CISSP, information risk manager at a leading investment bank (United Kingdom), and Marc Vael, CISA, CISM, CGEIT, CISSP, chief audit executive at Smals (Belgium). 


Photos and biographies of all board members are available at